[Phpmyadmin-devel] disabled functions for security
Garvin Hicking
squirrel at supergarv.de
Sat Mar 8 14:18:05 CET 2003
Hi Marc!
> So, another suggestion. We reverse the logic of this part of code.
>
> If we cannot detect that file uploads are disabled, we set $is_upload to
> TRUE.
No, that's not really what I meant. I just wanted to propose, let the user choose
via $cfg[] option to override any autodetections for $is_upload. Like this:
$cfg['OverrideUpload'] = FALSE; // If set to TRUE, you can choose to override
auto-detection of your PHP's ability to allow file uploads and ENABLE them by all
means. Some PHP-installations permit the auto-detection function (ini_get) because
of security issues so phpMyAdmin is not able to see, if you can or cannot use file
uploads. WARNING: If your PHP installation is not able to allow file uploads, you
will definitely get errors and warnings when setting this to true.
Should also beat any existing records for the longest variable comment. ;-))
Regards,
Garvin.
More information about the Developers
mailing list